Vulnerabilities > Flycms Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2024-22548 Cross-site Scripting vulnerability in Flycms Project Flycms 1.0
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.
network
low complexity
flycms-project CWE-79
5.4
5.4
2024-01-18 CVE-2024-22549 Cross-site Scripting vulnerability in Flycms Project Flycms 1.0
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.
network
low complexity
flycms-project CWE-79
5.4
5.4
2024-01-01 CVE-2024-21732 Cross-site Scripting vulnerability in Flycms Project Flycms 1.0
FlyCms through abbaa5a allows XSS via the permission management feature.
network
low complexity
flycms-project CWE-79
6.1
6.1
2021-04-01 CVE-2020-19613 Server-Side Request Forgery (SSRF) vulnerability in Flycms Project Flycms 20190503
Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.
network
low complexity
flycms-project CWE-918
5.0
5.0